20 years of innovative Windows malware

Woody Leonhard |
Feb. 28, 2011

Windows PCs have been under siege for 20 years. What a difference those two decades make.

As for malware construction kits, ZeuS looks to be only the beginning. By democratizing the construction of malware, sufficiently talented kit creators can make a decent living, at much reduced risk. With kits for sale, the creators don't have to worry about disseminating the malware without getting caught, keeping drop sites working, or turning information into money. Recently, Brian Krebs reported that ZeuS and SpyEye have apparently joined forces, and the latest ZeuS source code can be purchased for a paltry $100,000. With source code in hand, you can create and sell your very own customized ZeuS construction kits. Think of it as a malware multilevel marketing scheme.

But the most prolific vector for malware innovation will likely reside in social engineering. After all, while it's getting harder to crack Windows programs, it's as easy as ever to attack the weakest link: the one between users' ears. Look for more cons, more fake "Windows tech support" calls, and more bewildered users who will gladly give out sensitive information to anyone who claims they can help fix things.

Windows malware has changed a lot in the past 20 years. People haven't.